
United States R\tent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 

Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, ViiBinia 22313-1450 
www.uspto.gov 



APPLICATION NO. 


FILING DATE 


FIRST NAMED INVENTOR 


ATTORNEY DOCKET NO. 


CONFIRMATION NO. 


09/620,119 




07/20/2000 


Michiko Ambe 


FUJR 17.394 


2706 


7590 


09/29/2003 









Helfgott & Karas PC 
60th Floor 

Empire State Building 
New York, NY 10118 



EXAMINER 



MOORE, lANN 



ART UNIT 



PAPER NUMBER 



2661 

DATE MAILED: 09/29/2003 



4- 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 07-01) 



Office Action Summary 



Application No. 

09/620,119 



Examiner 

Ian N Moore 



Applicant(s) 

AMBE, MICHIKO 



Art Unit 

2661 



The MAILING DA TE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION, 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days wilt be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the OfTice later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 

2a)n This action is FINAL. 2b)M This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) S Claim(s) 1-10 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed. 

6) M Claim(s) 1-10 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10)S The drawing(s) filed on is/are: aO accepted or b)S objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
1 !)□ The proposed drawing correction filed on is: a)n approved b)n disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) 0 The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) 13 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)|3AII b)n Some*c)n None of: 

1 .[3 Certified copies of the priority documents have been received. 

2.n Certified copies of the priority documents have been received in Application No. . 



3.n Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (POT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 . 
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1) M Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) Paper No(s). , 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) D Notice of Informal Patent Application (PTO-1 52) 

3) M Information Disclosure Statement(s) (PTO-1449) Paper No(s) 3. 6) □ Other: 
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DETAILED ACTION 



Drawings 



The drawings are objected to under 37 CFR 1.83(a). The drawings must show every 
feature of the invention specified in the claims. Therefore, the "third storage" (Claim 5, line 
26) must be shown or the feature(s) canceled from the claim(s). No new matter should be 
entered. 

A proposed drawing correction or corrected drawings are required in reply to the Office 
action to avoid abandonment of the appUcation. The objection to the drawings will not be held 
in abeyance. 



The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

1 . Claim 5, 6, and 7 are rejected under 35 U.S.C 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

Claim 5 recites a server comprising a "third storage". It is unclear what or where the 
third storage is. Neither specification nor the drawing clearly discloses the third storage. 

Claim 6 and 7, please see above since these. claims are depended on Claim 5. 



Claim Rejections - 35 USC § 112 



Claim Rejections - 35 USC §102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C 102 that form the 
basis for the rejections under this section made in this Office action: 



Application/Control Number: 09/620,119 
Art Unit: 2661 



Page 3 



A person shall be entitled to a patent xinless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1 (a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published xinder Article 21(2) of such treaty in the English language. 

2. Claim 1, 3, 5, 8, 9, and 10 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Tanimoto (U.S. Patent 6,075,776). 

Regarding Claim 1, Tanimoto 776 discloses a network system corr5)rising: 

(a) a plurality of terminals which send and receive packets (Terminal TE 101-102, 
Fig. 1), each terminal belonging to one of a plurality of logical groups (Home Network HNW 
200; Fig. 1); 

(b) a plurality of switches (Routers 400, RAS 301, and RAC 601; Fig. 1) which 
interconnect said plurality of terminals by receiving and forwarding the packets originating 
front said terminals, each of said switches conprising: 

first storage means for storing information that is used to identify logical group 
membership of the source terminal of a received packet (in router 401, a table with respect to 
the correspondence between each destination layer 3 address and relevant path information, 
that is, a table of routing data, is previously stored; see col. 4, line 33-37. Also, reference 
numeral 401 indicates a router, reference numerals 1 1 1 and 112 indicate TEs connected to 
and subordinated under router 401, and reference numeral 900 indicates an ARP (Address 
Resolution Protocol) cash managed by router 401; see col. 4, line 45-48), 

query means for sending a query to request information about the logical group 
membership, when said first storage means has failed to provide sufficient information to 
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identify the logical group membership of a particular source terminal (if layer 3 address is 
known while layer 2 address is unknown for a destination, the layer 2 address can be 
acquired using the ARP cash, this method being known as the "ARP". When layer 2 address 
of TE 1 1 1 is required, router 401 broadcasts an ARP request packet, in which the layer 3 
address of TE 1 1 1 is included, to all connected and subordinated TEs; see col. 4, Une 50-57), 
and 

updating means for updating the information stored in said first storage means 
according to a response to the query sent by said query means (router 401 extracts the layer 2 
address from the ARP response packet and stores it into ARP cache 900 to be used in later 
communication; see col. 4, line 59-62); and 

(c) a server (IMS 700, Fig. 1) which control said plurality of switches (Routers 400, 
RAS 301, and RAC 601) con^rising: 

second storage means for storing a list of identifiers of the terminals, in association 
with the logical groups to which the terminals belong (FIG, 2 shows initial information 
management table 50 for the VLAN, which is initially provided in IMS 700, and after this 
initialization, the VLAN is arranged with reference to this table. That is, this is a table for 
setting correspondence between MAC addresses of all TEs in the VLAN system and the IP 
address (i.e., the Internet address) of RAS 301; see col. 4, line 64-67), 

searching means for searching said second storage means in response to the query 
from said requesting switch (for this authentication request from RAC 601 , IMS 300 
performs authentication and address resolution with respect to the home address, based on 
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the sent MAC address of TE 101 and with reference to the above-explained initial 
information management table 50; see col. 5, line 39-44), and 

transmission means for receiving a search result from said searching means and 
sending the search result to said requesting switch (IMS 700 retums a packet indicating that 
the TE has been authenticated and also retums the IP address of RAS 301 of HNW 200; see 
col 5, line 50-55). 

Regarding Claim 3, Tanimoto 776 discloses the server further con5)rises 
supposition means for suggesting a specific logical group to which said source terminal in 
question is supposed to belong, based on the identifier of the source terminal, when said 
searching means has failed to provide the requested information (for this authentication 
request from RAC 601, IMS 300 performs authentication and address resolution with respect 
to the home address, based on the sent MAC address of TE 101 and with reference to the 
above-explained initial information management table 50. That is, if the MAC address of TE 
101 has been registered in the initial information management table 50, IMS 700 returns a 
packet indicating that the TE has been authenticated and also retums the IP address of RAS 
301 of HNW 200; see col 6, line 41-48). 

Regarding Claim 5, Tanimoto 776 discloses the server further con^rises third 
storage means for'^sforing a Ust of the switches being available in the network system, in 
association with a Ust of the logical groups that can be assigned to the terminals belonging to 
each switch's local terminal group (VLAN management server connected to the global 
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network, said server having an address for the global network, and in which a management 
table for indicating a correspondence relationship between each terminal and the remote 
access server and for indicating a location of each terminal under connection is provided, and 
the VLAN management server for managing packet transmission and the location of each 
terminal; see col 1, line 66 to col.2 , line 6. Moreover, when IMS 700 receives the request 
packet, the IMS updates data relating to TE 101 in location information management table 60 
such that the registered data is changed from the IP address of RAC 601, to which TE 101 
was moved and connected, to the IP address of RAS 301; see col. 7, line 1-3. FIG. 3 shows 
location information management table 60, provided in IMS 700 and RAS 301, for managing 
a correspondence relationship between the MAC address of each TE and the IP address (i.e., 
the Intemet address) of the RAS or a RAC, the IP address functioning as locational 
information as for a network to which the TE is connected at the present time. According to 
this table, the IMS and RAS 301 can perform real-time management with respect to location 
of each TE; see col. 5, line 3-1 1) and 

when the query is received from said requesting switch, said server consults said third 
storage means to find logical groups relevant to said requesting switch, and if the relevant 
logical groups do not include the logical group to which said source terminal in question is 
supposed to belong, prevents enrollment of said source terminal to the non included logical 
group (if the MAC address of TE 101 is not registered in initial information management 
table 50, EMS 700 retums a packet indicating that the TE was unauthenticated to RAC 601 
(see step SIO). According to this authentication "NG" packet, RAC 601 rejects the packet 
sent from TE 101 (see step SI 1); see col. 5, line 65-68). 
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Regarding Claim 8, Tanimoto 776 discloses a switch (Routers 400, RAS 301, 
and/or RAC 601; Fig. 1) for use in a network system where a plurality of terminals (Terminal 
TE 101-102, Fig. 1) are interconnected by a plurality of switches that receive and forward 
packets originating from the terminals (Terminal TE 101-102, Fig. 1) under the control of a 
server (IMS 700, Fig.l), the switch comprising: 

storage means for storing information that is used to identify logical group 
membership of the source terminal of a received packet (in router 401, a table with respect to 
the correspondence between each destination layer 3 address and relevant path information, 
that is, a table of routing data, is previously stored; see col 4, line 33-37. Also, reference 
numeral 401 indicates a router, reference numerals 1 1 1 and 1 12 indicate TEs connected to 
and subordinated under router 401, and reference numeral 900 indicates an ARP (Address 
Resolution Protocol) cash managed by router 401; see col. 4, line 45-48); 

query means for sending a query to the server to request information about the logical 
group membership, when said storage means has failed to provide sufficient information to 
identify the logical group membership of a particular source terminal (if layer 3 address is 
known while layer 2 address is unknown for a destination, the layer 2 address can be 
acquired using the ARP cash, this method being known as the "ARP". When layer 2 address 
of TE 1 1 1 is required, router 401 broadcasts an ARP request packet, in which the layer 3 
address of TE 1 1 1 is included, to all connected and subordinated TEs; see col. 4, line 50-57), 
and 
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updating means for updating the information stored in said storage means according 
to a response to the query sent by said query means (router 401 extracts the layer 2 address 
from the ARP response packet and stores it into ARP cache 900 to be used in later 
communication; see col. 4, line 59-62). 

Regarding Claim 9, Tanimoto 776 discloses a server (IMS 700, Fig. 1) for use in a 
network system, which controls a plurality of switches (Routers 400, RAS 301, and RAC 
601) that interconnect a plurality of terminals (Terminal TE 101-102, Fig. 1) by receiving 
and forwarding packets originating from the terminals, the server comprising: 

storage means for storing a list of identifiers of the terminals, in association with 
logical groups to which the terminals belong (FIG. 2 shows initial information management 
table 50 for the VLAN, which is initially provided in IMS 700, and after this initialization, 
the VLAN is arranged with reference to this table. That is, this is a table for setting 
correspondence between MAC addresses of all TEs in the VLAN system and the IP address 
(i.e., the Internet address) of RAS 301; see col 4, line 64-67); 

searching means for searching said storage means in response to a query from one of 
the switches (for this authentication request from RAC 601, IMS 300 performs authentication 
and address resolution with respect to the home address, based on the sent MAC address of 
TE 101 and with reference to the above-explained initial information management table 50; 
see col. 5, line 39-44); and 

transmission means for receiving a search result from said searching means and 
sending the search result to the switch that has sent the query (IMS 700 returns a packet 
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indicating that the TE has been authenticated and also returns the IP address of RAS 301 of 
HNW 200; see col. 5, line 50-55). 



Regarding Claim 10, Tanimoto 776 discloses a computer-readable medium (IMS 
700, Fig. 1), which stores a computer program being designed to run on a computer in order 
to cause the computer to function as a server comprising: 

storage means for storing a list of identifiers of terminals, in association with logical 
groups to which the terminals belong (FIG. 2 shows initial information management table 50 
for the VLAN, which is initially provided in IMS 700, and after this initialization, the VLAN 
is arranged with reference to this table. That is, this is a table for setting correspondence 
between MAC addresses of all TEs in the VLAN system and the IP address (i.e., the Internet 
address) of RAS 301; see col. 4, line 64-67); 

searching means for searching said storage means in response to a query from one of 
the switches (for this authentication request from RAC 601, IMS 300 performs authentication 
and address resolution with respect to the home address, based on the sent MAC address of 
TE 101 and with reference to the above-explained initial information management table 50; 
see col 5, line 39-44); and 

transmission means for receiving a search result from said searching means and 
sending the search result to the switch that has sent the query (IMS 700 retums a packet 
indicating that the TE has been authenticated and also retums the IP address of RAS 301 of 
HNW 200; see col. 5, line 50-55), 
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Claim Rejections - 35 VSC § 103 



The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

3. Claim 2 rejected under 35 U.S. C. 103(a) as being unpatentable over Tanimoto 776 in view 
of Suzuki (U.S. Patent 6,496,484). 

Regarding claim 2, Tanimoto 776 discloses transmission means sends the search 
result to said requesting switch (IMS 700 returns a packet indicating that the TE has been 
authenticated and also returns the IP address of RAS 301 of HNW 200; see col. 5, line 46- 



Tanimoto 776 does not explicitly disclose sending the search result to other switches 
(see Suzuki'484 coL 7, Una 18-24, at the routing server in response to the update notifying 
message sending an update request message to the routing nodes other than the routing node, 
the update request message including the new address information of the new host). 

This limitation is taught by Suzuki'484. It would have been obvious to one having 
ordinary skill in the art at the time the invention was made to modify the system of Tanimoto 
776 as taught by Suzuki'484 for the purpose of updating such an address learning table when 
a new host is connected to a LAN or an existing host is moved to another LAN; see 



50). 
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Suzuki'484 col. 1, line 29-34. The motivation being that by sending updated information to 
the routing nodes, it can easily detect the unknown host. 



4. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Tanimoto 776 in view 
of Hart *003 (U.S. Patent 5,752,003). 

Regarding claim 4, Tanimoto 776 discloses the server further comprises logical 
group producing means for producing a new logical group when said supposition means for 
said source terminal in question as described above in Claim 3. 

Tanimoto 776 does not explicitly disclose supposition means has failed to suggest 
any specific logical group for said source terminal in question (see Hart '003 col. 3, line 58- 
66, if a packet is received from a source node which had not previously sent a packet using 
the identified logical network identifier, then a connection is set up between the virtual net 
server and that source node, adding the new node to the appropriate virtual net domain. 
Thus, the virtual net domain is defined as a group of nodes intended to receive multi- 
destination packets from members of a particular VNET determined by a layer three network 
protocol/network identifier). 

This Umitation is taught by Hart '003. It would have been obvious to one having 
ordinary skill in the art at the time the invention was made to modify the system of Tanimoto 
776 as taught by Hart '003 for the pxirpose of managing network traffic, which is achieved 
based on automatically setting up a plurality of VNETs within a single large virtual LAN. 
Multicast/broadcast traffic is confined to the VNET of the source, without imposing 
constraints on layer two addressing within the virtual LAN; see Hart '003 col. 3, line 10-14. 
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The motivation being that by automatic setting, it can enhance the network administrator's 
tasks. 



5, Claim 6 rejected under 35 U.S.C. 103(a) as being unpatentable over Tanimoto 776 in view 
of HoUoway (U.S. Patent 5,905,859). 

Regarding claim 6, Tanimoto 776 discloses the server further comprises notification 
as described above in Claim 1 and 5 above. 

Tanimoto 776 does not exphcitly disclose notifying an administrator if said 
requesting switch is not included in the list of the available switches (see Holloway '859 col. 
7, line 54-59, if any discrepancies are detected, e.g., if a station is removed from the Ust or 
added to the list, then an SNMP trap is sent to the network management station. This 
notification alerts the network administrator that a potential security exposure exists in the 
campus network). 

This limitation is taught by Holloway '859. It would have been obvious to one having 
ordinary skill in the art at the time the invention was made to modify the system of Tanimoto 
776 as taught by Holloway '859 for the purpose of managing devices of a computer network 
that enables a comprehensive solution and that not only provides for detection of security 
intrusions, but also provides the proactive actions needed to stop the proliferation of security 
intrusions; see Holloway '859 col. 2, line 42-45. The motivation being that by alerting the 
system administrator, it can enhance the network security. 
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6. Claim 7 rejected under 35 U.S.C. 103(a) as being unpatentable over Tanimoto 776 in view 
of Dobbins (U.S. Patent 6,147,995). 

Regarding claim 7, Tanimoto 776 discloses the server further comprises 
registration/storing of said requesting switch to said third storage means as described above 
in Claim 1 and 5 above. 

Tanimoto 776 does not explicitly disclose adding an entry for said requesting switch 
when the list of the available switches does not include said requesting switch (see Dobbins 
'995 col. 8, line 14-25, a central connection server programs the point-to-multipoint 
connections between all of the SFPS switches, as there is no provision in each switch to do so 
(see MIO in FIG. 1). Thus, any time the connection server "discovers" a change in a 
switched topology, it has to reprogram the multicast channel between the switches. The 
server accesses a common directory for mapping end systems to VLAN-IDs. A management 
appHcation may provide this on the front end, and in addition provide for changes to the 
mapping in the directory itself and in any switches that have been informed of the mapping. 
Any end system not defined with a VLAN would default to VLAN-1 . Moreover, see Dobbins 
'995 col. 7, Line 17-24, as each end system is discovered by an access switch, it is registered 
with a common directory of end systems for the entire network, and the directory then returns 
a list of VLAN-IDs to the access switch with the "End System Discovery Message ACK." 
Alternatively, a management application may administratively assign the VLAN-IDs, and 
manage the end system and port tables in the switch). 

This limitation is taught by Dobbins '995. It would have been obvious to one having 
ordinary skill in the art at the time the invention was made to modify the system of Tanimoto 
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776 as taught by Dobbins *995 for the purpose of for estabUshing restricted broadcast groups 
within a switching fabric, known as virtual LANs (VLANs). The VLANs provide a simple 
but robust mechanism for allowing broadcast and multicast packets to be "flooded" through 
the switching fabric and transmitted only to those users or ports defined for a particular 
VLAN; see Dobbins '995 col. 2, Une 62-66. The motivation being that by storing switch 
information at the common table at the server, it can enhance VLAN network switching 
performance. 



« 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ian N Moore whose telephone number is 703-605-1 53 1 . The 
examiner can normally be reached on M-F: 9-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Doug 01ms can be reached on 703-305-4703. The fax phone number for the 
organization where this application or proceeding is assigned is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-3900. 



Ian N Moore 
Examiner 
Art Unit 2661 
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